[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [OASIS Issue Tracker] (OFFICE-3940) Add OpenPGP-based XML encryption
[ https://issues.oasis-open.org/browse/OFFICE-3940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=68445#comment-68445 ] Thorsten Behrens commented on OFFICE-3940: ------------------------------------------ Example manifest.xml: <?xml version="1.0" encoding="UTF-8"?> <manifest:manifest xmlns:manifest="urn:oasis:names:tc:opendocument:xmlns:manifest:1.0" manifest:version="1.3"> <manifest:keyinfo> <manifest:encrypted-key> <manifest:encryption-method manifest:PGPAlgorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> <manifest:keyinfo> <manifest:PGPData> <manifest:PGPKeyID>base64_for_keyID1</manifest:PGPKeyID> <manifest:PGPKeyPacket>base64_for_key1</manifest:PGPKeyPacket> </manifest:PGPData> </manifest:keyinfo> <manifest:CipherData> <manifest:CipherValue>base64_crypt_1</manifest:CipherValue> </manifest:CipherData> </manifest:encrypted-key> <manifest:encrypted-key> <manifest:encryption-method manifest:PGPAlgorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/> <manifest:keyinfo> <manifest:PGPData> <manifest:PGPKeyID>base64_for_keyID2</manifest:PGPKeyID> <manifest:PGPKeyPacket>base64_for_key2</manifest:PGPKeyPacket> </manifest:PGPData> </manifest:keyinfo> <manifest:CipherData> <manifest:CipherValue>base64_crypt_2</manifest:CipherValue> </manifest:CipherData> </manifest:encrypted-key> . . . </manifest:keyinfo> <manifest:file-entry manifest:full-path="/" manifest:version="1.2" manifest:media-type="application/vnd.oasis.opendocument.text"/> <manifest:file-entry manifest:full-path="content.xml" manifest:media-type="text/xml" manifest:size="6316"> <manifest:encryption-data manifest:checksum-type="urn:oasis:names:tc:opendocument:xmlns:manifest:1.0#sha256-1k" manifest:checksum="WN7vgYkjABN7BQmDZwygcZ1vIs1lAP+EZH97pAj0J1Y="> <manifest:algorithm manifest:algorithm-name="http://www.w3.org/2001/04/xmlenc#aes256-cbc" manifest:initialisation-vector="ow2jC4koEAkbFpskMd6neQ=="/> <manifest:key-derivation manifest:key-derivation-name="PGP"/> </manifest:encryption-data> </manifest:file-entry> <manifest:file-entry manifest:full-path="styles.xml" manifest:media-type="text/xml" manifest:size="12396"> <manifest:encryption-data manifest:checksum-type="urn:oasis:names:tc:opendocument:xmlns:manifest:1.0#sha256-1k" manifest:checksum="w3KftLo5k2aDQr0RcjB4RZVJc/rbSdqZc0S6V3yv7v8="> <manifest:algorithm manifest:algorithm-name="http://www.w3.org/2001/04/xmlenc#aes256-cbc" manifest:initialisation-vector="mhha8t2a00tITDTyejOeRQ=="/> <manifest:key-derivation manifest:key-derivation-name="PGP"/> </manifest:encryption-data> </manifest:file-entry> . . . </manifest:manifest> > Add OpenPGP-based XML encryption > -------------------------------- > > Key: OFFICE-3940 > URL: https://issues.oasis-open.org/browse/OFFICE-3940 > Project: OASIS Open Document Format for Office Applications (OpenDocument) TC > Issue Type: New Feature > Components: Packaging > Affects Versions: ODF 1.3 > Reporter: Thorsten Behrens > Fix For: ODF 1.3 > > > Currently ODF supports password-based encryption, using a user-provided string of characters to encrypt an AES session encryption key. > That is not ideal in the context of sharing documents securely with wider audiences, since one always needs a secure sidechannel to distribute the passphrase. > This proposal builds on top of https://www.w3.org/TR/2002/REC-xmlenc-core-20021210/ for XML encryption, and essentially extends the ODF manifest markup with a few nodes to denote OpenPGP key material plus transport encryption for the session key -- This message was sent by Atlassian JIRA (v6.2.2#6258)
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]